Phishing Scam

Phishing scam is a type of social engineering attack where fraudster usually masquerading as a trusted entity to deceive victim into clicking a malicious link in email and text message which will lead to the installation of malware in victim’s devices or revealing of victim’s sensitive information to fraudster.

How does it work?

• Phishing emails and text messages usually appear to be coming from a trusted entity such as bank, Bank Negara Malaysia and claims that bank is now collecting personal banking information to update its database. Victim will be prompted to click on a malicious link in the email or text messages.

• Once victim clicks on the malicious link, victim will be directed to a website that looks like a legitimate website (bogus website) requesting disclosure of personal information details such as internet/ mobile banking login ID, password and One Time Password and etc.

• Fraudsters could access to the victims’ internet/ mobile banking account with the credentials that victims inputted into the bogus website.

  How to avoid phishing scam?

• Be wary of fraudulent emails and text claiming to be from reputable sources. Do not click on any links or open any attachments from unverified sender.

• Always check the spelling of the content in the text or URLs link in the email before your click or enter sensitive information.

• Never disclose password, PIN and token over the phone, email or SMS. Contact Bank of China immediately if you suspect your credential has been leaked.

• Always refer to the contact number from Bank of China’s official website or the number at the back of your bank card.